A vulnerability, which was classified as problematic , has been found in harttle liquidjs up to 10.25.x . This affects the function pad/padStart of the file src/util/underscore.ts . The manipulation leads to resource consumption. This vulnerability is traded as CVE-2026-45357 . It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.